Allgemein

12. March 2025

Recompile VLC on Archlinux

For various reasons you’ll want to do that.
For me it was VLC locking up when watching IPTV from a DVB>IP hardware with v3.0.21.
And with v3.0.20 it would have extremely high CPU usage which went away when recompiling.
Only on Archlinux.

Something in their process is funky.

Anyhow let’s go.
First, enable optimizations for your CPU, in /etc/makepkg.conf

#-- Compiler and Linker Flags
# -march (or -mcpu) builds exclusively for an architecture
# -mtune optimizes for an architecture, but builds for whole processor family
CPPFLAGS="-D_FORTIFY_SOURCE=2"
CFLAGS="-march=native -mtune=native -O3 -pipe -fstack-protector-strong -fno-plt"
CXXFLAGS="-march=native -mtune=native -O3 -pipe -fstack-protector-strong -fno-plt"
LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
#-- Make Flags: change this for DistCC/SMP systems
MAKEFLAGS="-j32" # number of logical CPUs on your machine
#-- Debugging flags
DEBUG_CFLAGS="-g -fvar-tracking-assignments"
DEBUG_CXXFLAGS="-g -fvar-tracking-assignments"

#-- Compiler and Linker Flags

# -march (or -mcpu) builds exclusively for an architecture

# -mtune optimizes for an architecture, but builds for whole processor family

CPPFLAGS="-D_FORTIFY_SOURCE=2"

CFLAGS="-march=native -mtune=native -O3 -pipe -fstack-protector-strong -fno-plt"

CXXFLAGS="-march=native -mtune=native -O3 -pipe -fstack-protector-strong -fno-plt"

LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"

#-- Make Flags: change this for DistCC/SMP systems

MAKEFLAGS="-j32" # number of logical CPUs on your machine

#-- Debugging flags

DEBUG_CFLAGS="-g -fvar-tracking-assignments"

DEBUG_CXXFLAGS="-g -fvar-tracking-assignments"

clone the repo and build

git clone https://gitlab.archlinux.org/archlinux/packaging/packages/vlc.git
cd vlc
sudo pacman -Rdd ffmpeg lua52
makepkg -si
sudo pacman -Sd ffmpeg lua52

git clone https://gitlab.archlinux.org/archlinux/packaging/packages/vlc.git

cd vlc

sudo pacman -Rdd ffmpeg lua52

makepkg -si

sudo pacman -Sd ffmpeg lua52

uninstalling ffmpeg and lua52 is required, else there are build errors.
after building, reinstall them again
optionally, if you get missing keys,

yay -Bi .

yay -Bi .

10. March 20258. April 2025

tinode: what a waste of time

This software is not nearly production ready.
Spent the whole days constantly battling with bugs, inconsistencies.
In the end I give up.
I can’t recommend this software at all.

#tinode #im #opensource #donotuse

9. March 20259. March 2025

minio single node single disk docker compose with letsencrypt tls

How to have a single node minio instance,
with docker compose,
and auto updating letencrypt certificate.

Prerequisite:
A way to obtain a cert for your domain via certbot.
The certs should already exist and be able to be renewed.

1st create the docker minio directories.

mkdir -p /docker/minio/data
mkdir -p /docker/minio/certs

1 2	mkdir -p /docker/minio/data mkdir -p /docker/minio/certs

/docker/minio/compose.yaml

name: minio
services:
    minio:
        ports:
            - 9000:9000
            - 9001:9001
        container_name: minio
        volumes:
            - /docker/minio/data:/data
            - /docker/minio/certs:/root/.minio/certs
        environment:
            - MINIO_ROOT_USER=rootuser
            - MINIO_ROOT_PASSWORD=rootpassword
        image: quay.io/minio/minio
        command: server /data --console-address ":9001"

name: minio

services:

minio:

ports:

- 9000:9000

- 9001:9001

container_name: minio

volumes:

- /docker/minio/data:/data

- /docker/minio/certs:/root/.minio/certs

environment:

- MINIO_ROOT_USER=rootuser

- MINIO_ROOT_PASSWORD=rootpassword

image: quay.io/minio/minio

command: server /data --console-address ":9001"

/etc/letsencrypt/renewal-hooks/deploy/copy-certs.sh

#!/bin/bash

TARGET_HOME=/docker/minio
TARGET_DOMAIN=domain.tld

if [[ $RENEWED_DOMAINS == *" $TARGET_DOMAIN "* ]]; then
        cp -L /etc/letsencrypt/live/$TARGET_DOMAIN/* $TARGET_HOME/certs/
	cd $TARGET_HOME
	docker compose up -d
fi

#!/bin/bash

TARGET_HOME=/docker/minio

TARGET_DOMAIN=domain.tld

if [[ $RENEWED_DOMAINS == *" $TARGET_DOMAIN "* ]]; then

cp -L /etc/letsencrypt/live/$TARGET_DOMAIN/* $TARGET_HOME/certs/

cd $TARGET_HOME

docker compose up -d

And finally start it

chmod +x /etc/letsencrypt/renewal-hooks/deploy/copy-certs.sh
cd /docker/minio/certs
cp -L /etc/letsencrypt/live/domain.tld/* /docker/minio/certs/
ln -s fullchain.pem public.crt
ln -s privkey.pem private.key
cd ..
docker compose up -d

chmod +x /etc/letsencrypt/renewal-hooks/deploy/copy-certs.sh

cd /docker/minio/certs

cp -L /etc/letsencrypt/live/domain.tld/* /docker/minio/certs/

ln -s fullchain.pem public.crt

ln -s privkey.pem private.key

cd ..

docker compose up -d

27. February 2025

Compiling gitlab.com/mattwb65/srt-live-server error solution

If you’re having this issue with building
https://gitlab.com/mattwb65/srt-live-server.git
Continue reading “Compiling gitlab.com/mattwb65/srt-live-server error solution”

7. February 20257. February 2025

How to package your SPA or PWA without a Dockerfile using Go and ko

Writing Dockerfiles is a pain in the ass.
All you want to do is publish your SPA or PWA dist files in a docker container and maybe even push it to a private registry.

Instead of having to write a Dockerfile, pull some base OS, increase the size of the container image, add potential attack surfaces / vulnerabilities coming from those base OS images, you can wrap and embed it in a Go binary.

Install ko

Create a ko-build.sh in the project root

#!/bin/bash
ko login registry.domain.tld -u myuser -p mypassword
KO_DOCKER_REPO=registry.domain.tld/user/my-frontend ko build --platform=all

#!/bin/bash

ko login registry.domain.tld -u myuser -p mypassword

KO_DOCKER_REPO=registry.domain.tld/user/my-frontend ko build --platform=all

go mod init git.domain.tld/user/repo
touch main.go

1 2	go mod init git.domain.tld/user/repo touch main.go

and edit main.go and insert the following

package main

import (
	"embed"
	"io/fs"
	"log"
	"net/http"
	"strings"
)

//go:embed dist
var pwa embed.FS

//go:embed dist/index.html
var index embed.FS

var indexFile []byte

func init() {
	var e error
	indexFile, e = index.ReadFile("dist/index.html")
	if e != nil {
		log.Fatal(e.Error())
	}
}

func main() {
	root, e := fs.Sub(pwa, "dist")
	if e != nil {
		log.Fatal(e.Error())
	}
	log.Fatal(http.ListenAndServe(":8080", Handler(root)))
}

func Handler(root fs.FS) http.Handler {
	handler := http.FileServer(http.FS(root))

	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		_path := req.URL.Path

		// static files
		if strings.Contains(_path, ".") || _path == "/" {
			handler.ServeHTTP(w, req)
			return
		}
		w.Write(indexFile)
	})
}

package main

import (

"embed"

"io/fs"

"log"

"net/http"

"strings"

)

//go:embed dist

var pwa embed.FS

//go:embed dist/index.html

var index embed.FS

var indexFile []byte

func init() {

var e error

indexFile, e = index.ReadFile("dist/index.html")

if e != nil {

log.Fatal(e.Error())

}

func main() {

root, e := fs.Sub(pwa, "dist")

if e != nil {

log.Fatal(e.Error())

}

log.Fatal(http.ListenAndServe(":8080", Handler(root)))

}

func Handler(root fs.FS) http.Handler {

handler := http.FileServer(http.FS(root))

return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {

_path := req.URL.Path

// static files

if strings.Contains(_path, ".") || _path == "/" {

handler.ServeHTTP(w, req)

return

}

w.Write(indexFile)

})

}

assuming your bundler, e.g. vite, places dist files in your project root’s dist dir (vite default),

dist
├── assets
│   ├── index-D-1oofZ3.css
│   └── index-DMGf-fk6.js
├── index.html
└── vite.svg

dist

├── assets

│ ├── index-D-1oofZ3.css

│ └── index-DMGf-fk6.js

├── index.html

└── vite.svg

If your dist files are in dist/pwa and your index file is at dist/pwa/index.html edit the lines accordingly.

This is effectively what would be in nginx:

	location / {
		try_files $uri $uri/ /index.html;
	}

location / {

try_files $uri $uri/ /index.html;

}

Your container exposes port 8080

Build and publish

bash ko-build.sh

1	bash ko-build.sh

Since you only need to write this once, you can copy the main.go to every project that requires it and adjust the ko-build.sh script.

Yes, this survives CTRL+F5 reloads. It routes everything through index.html unless it’s a static file that exists on the filesystem.

#spa #pwa #go #ko #docker #registry #build #publish